implement-plan
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection attacks.
  - Ingestion points: Technical designs and implementation steps are fetched from GitHub issue details, user comments, and existing pull requests (SKILL.md, Steps 2, 3, 4).
  - Boundary markers: The skill does not use specific markers or delimiters to isolate untrusted data from the system prompt instructions.
  - Capability inventory: The agent can modify code, run arbitrary testing/linting suites, and push code to remote repositories (SKILL.md, Steps 6, 7, 9).
  - Sanitization: No sanitization or validation logic is defined to check the content of GitHub issues before the agent implements the described plan.
- [COMMAND_EXECUTION]: The skill executes several system-level commands as part of the DevOps workflow.
  - Git Operations: Executes git status, checkout, commit, and push to manage code lifecycle.
  - Testing & Linting: Step 7 involves running project-specific tests and linters, which can execute scripts or binaries controlled by the repository content.
Audit Metadata